Another month, another absurd amount of data breached. The start of October saw an update in one of the most notorious data breaches of all time: Yahoo said in a statement that all 3 billion of its accounts were hacked in data breach which occurred in 2013. This tripled the original number of thought accounts breached, which already holds the record of data breached.
Additionally, another numbers update is with the Equifax data breach. According to the credit reporting agency, an additional 2.5 million US consumers and a total of 694,000 UK consumers had their data stolen. This bumps the total number of victims up to about 146 million.
October 1st – Gaming Service R6BD Goes Down After Database Wiped and Held for Ransom
The online gaming service went down after an attacker wiped the company’s entire database and held it for ransom. In a statement released by the company, their server was accessed by an automated bot which was able to wipe their database – and the bot was able to access the database in the first place as the company’s engineers left remote connections enabled.
October 5th – More Than 17.5M Disqus Users’ Data Stolen in 2012 Data Breach
Disqus, a company which provides a popular web-based comment plugin used by websites and blogs, admitted that it was hit by a cyber attack about five years ago. In July 2012, hackers stole details of more than 17.5 million Disqus users. The data includes email addresses and usernames.
October 11th – Hackers Use Customized Malware to Steal $60M from Taiwanese Bank
By taking advantage of the SWIFT banking network, cyber criminals were able to successfully plant malware on a Taiwanese bank’s servers and steal $60 million. The Far Eastern International Bank confirmed the hack and that the malware was found on its servers and computer systems in addition to its SWIFT terminal.
October 13th – DDoS Attacks Hits Transport Services in Sweden
Sweden’s transportation services were hit with a series of two DDoS attacks which caused train delays and disrupted travel for many commuters. The first attack hit internet service providers TDC and DGC which power the Sweden Transport Administration (Trafikverket). According to reports the DDoS blitz caused a major IT system to crash and took down the agency’s email system, website, and traffic maps. The day after, the second DDoS attack affected the Swedish Transport Agency’s website – an organization responsible for transport system regulations. Additionally, the attack hit Vasttrafik, a public transport operator, causing its ticket booking app to crash.
October 17th – Data Breach Exposes Millions of South Africans’ Personal Records
A trove of data containing the personal information of more than 60 million South African citizens has been breached in the biggest data breach to hit South Africa. The breached information includes citizen’s full names, identity numbers, gender, employment history, income, addresses and property ownership.
October 24th – Tarte Exposes the Personal Information of 2M Customers
A popular cosmetics brand called Tarte has exposed the personal information of around 2 million customers in a couple of unsecured databases left online. The databases contained customer email addresses, home addresses, and the last four digits of credit card numbers.
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.